Dnia 24.01.2024 o godz. 11:57:13 Randolf Richardson, Postmaster via mailop pisze: > > But, in reality not really worth the trouble.. domains are easy to > > forge, and innocent companies maybe trying to verify the address, > > because a bad guy used it in a contact form.. > > Not when SPF/DKIM/DMARC are configured properly. Unfortunately, you > are generally correct because many domains that are actively used for > legitimate eMail don't employ SPF/DKIM/DMARC to prevent forgeries. :(
As far as I understand, this staement was referring to *receiving* domain, and not the *sending* domain - especially that "contact form" is mentioned. The OP wants to process messages *received* by domains that *should not be mailed to* and use these messages to feed a spamtrap. The "domains are easy to forge" statement referred - in my opinion - to the fact that some malicious actor can put an address in this "not-to-be-mailed" domain for example in a newsletter subscription form on a completely legitimate website. That website will send a confirmation message (which will be properly SPF/DKIM/DMARC autenticated) to a "spamtrap" address, thus ending up blocked. -- Pozdrowienia, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
